Change Session Settings

Oracle Identity Cloud Service session settings include session duration; URLs for login, logout, errors, and social callback, and CORS settings.

To open this page, you must be assigned the identity domain administrator role or the security administrator role.
  1. In the Identity Cloud Service console, expand the Navigation Drawer, click Settings, and then click Session Settings.
  2. In the Session Duration field, enter a duration in minutes.


    The Session Duration is the duration in minutes for which the user’s session is valid. The user's session will time out after the Session Duration has been reached regardless of actual user activity or inactivity.
  3. In the Login URL field, enter the URl where you want the user redirected to log in.
  4. Turn on the Enable Custom Login Page For The Admin Console switch to allow login-customization for the Admin Console.
  5. Enter a Logout URL. For example, to redirect the user to the My Profile console, enter /ui/v1/myconsole.
  6. In the Error URL field, enter the tenant specific Error page URL to which a user is redirected after an error. This URL is used when the Application specific Custom Error URL is not specified for an Application.
  7. In the Social Linking Callback URL field, enter the URL that Oracle Identity Cloud Service redirects to after linking a user between social providers and Oracle Identity Cloud Service is complete. This URL is used when the Application specific Social Linking Callback URL is not specified for an Application.
  8. (Optional) Turn on Allow Cross-Origin Resource Sharing (CORS). If you turn this option on, you might also want to set the Allowed CORS Domain Names option.
  9. Leave the Show The Specific Error Message For Login Policy Violation switch on.
    This option is switched on by default and allows the system to display the specific policy-violation error-message if the login policy is violated. Although this option is less secure, but is more helpful. However, if the switch is turned off, the system displays the standard error message. This is the most secure behavior.
  10. Click Save.